CVE-2010-3859

Severity :

Medium

Published :

2010-12-29

Modified :

2013-08-21

Base Score :

6.9

Details :

Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 allow local users to gain privileges via a crafted sendmsg call that triggers a heap-based buffer overflow, related to the tipc_msg_build function in net/tipc/msg.c and the verify_iovec function in net/core/iovec.c.